packages/iSulad
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
iSulad/0003-fix-security-opt-parsing-access-out-of-bounds.patch
lifeng68 97f5e13ccd isulad: set log level to warning in quota 
Signed-off-by: lifeng68 <lifeng68@huawei.com>
2020-09-18 11:55:53 +08:00

77 lines
2.8 KiB
Diff
Raw Blame History

From 3d1e3499794efe10891fe656a6e0b8847fee6558 Mon Sep 17 00:00:00 2001
From: wujing <Jing.Woo@outlook.com>
Date: Fri, 11 Sep 2020 09:45:20 +0800
Subject: [PATCH 03/10] fix: security-opt parsing access out of bounds
Signed-off-by: wujing <Jing.Woo@outlook.com>
---
src/client/connect/pack_config.c | 43 +++++---------------------------
1 file changed, 6 insertions(+), 37 deletions(-)
diff --git a/src/client/connect/pack_config.c b/src/client/connect/pack_config.c
index fbcd7b4..0e4224d 100644
--- a/src/client/connect/pack_config.c
+++ b/src/client/connect/pack_config.c
@@ -1178,25 +1178,10 @@ erro_out:
}
static int append_no_new_privileges_to_security_opts(host_config *dstconfig)
{
- int ret = 0;
- size_t new_size, old_size;
- char **tmp_security_opt = NULL;
-
- if (dstconfig->security_opt_len > (SIZE_MAX / sizeof(char *)) - 1) {
- COMMAND_ERROR("Out of memory");
- return -1;
- }
- new_size = (dstconfig->security_opt_len + 1) * sizeof(char *);
- old_size = dstconfig->security_opt_len * sizeof(char *);
- ret = mem_realloc((void **)(&tmp_security_opt), new_size, (void *)dstconfig->security_opt, old_size);
- if (ret != 0) {
- COMMAND_ERROR("Out of memory");
- return ret;
- }
- dstconfig->security_opt = tmp_security_opt;
- dstconfig->security_opt[dstconfig->security_opt_len++] = util_strdup_s("no-new-privileges");
+ dstconfig->security_opt[dstconfig->security_opt_len] = util_strdup_s("no-new-privileges");
+ dstconfig->security_opt_len++;
- return ret;
+ return 0;
}
static int append_seccomp_to_security_opts(const char *full_opt, const char *seccomp_file, host_config *dstconfig)
@@ -1264,26 +1249,10 @@ out:
static int append_selinux_label_to_security_opts(const char *selinux_label, host_config *dstconfig)
{
- int ret = 0;
- size_t new_size;
- size_t old_size;
- char **tmp_security_opt = NULL;
-
- if (dstconfig->security_opt_len > (SIZE_MAX / sizeof(char *)) - 1) {
- COMMAND_ERROR("Too large security options");
- return -1;
- }
- new_size = (dstconfig->security_opt_len + 1) * sizeof(char *);
- old_size = dstconfig->security_opt_len * sizeof(char *);
- ret = mem_realloc((void **)(&tmp_security_opt), new_size, (void *)dstconfig->security_opt, old_size);
- if (ret != 0) {
- COMMAND_ERROR("Out of memory");
- return ret;
- }
- dstconfig->security_opt = tmp_security_opt;
- dstconfig->security_opt[dstconfig->security_opt_len++] = util_strdup_s(selinux_label);
+ dstconfig->security_opt[dstconfig->security_opt_len] = util_strdup_s(selinux_label);
+ dstconfig->security_opt_len++;
- return ret;
+ return 0;
}
static int parse_security_opts(const isula_host_config_t *srcconfig, host_config *dstconfig)
--
2.25.1
Reference in New Issue View Git Blame Copy Permalink